Blog Posts Tagged with "Denial of Service"

Denial of Service (DoS) attacks used to be the main tool in the Hacktivists toolbox. For the most part, they are not very hi-tech and anyone can run the software to attack websites to aid in their preferred “cause”. But as the recent hacktivism attacks in Israel (and now Pakistan) have shown, DNS server attacks are now all the rage.

Meet the “Fork Bomb”. Basically all it does is instruct Linux to open processes – over and over again for an almost infinite number of times. Your RAM and CPU usage rises until the system no longer responds to input.

Why not deploy an intelligent appliance behind the router and in front of the firewall? Filter out all the junk before you expend any resources in your firewall, or log all the events with your IDS/SEIM. Reduce your need for multiple servers and load balancers. This is like a reverse osmosis for your network...

This is significant because very few companies or organizations have the necessary network infrastructure to deal with such attacks. There might be some companies with popular websites such as Google or Facebook that are able to handle such high-bandwidth floods, but most companies are not...

In order to mitigate this threat, ISPs will need to combine their efforts. It would take a global effort on the part of the ISPs. Until then, the capabilities are there to deal with the issue when it arises on a per incident basis...

A massive cyber attack could increase hostilities, anticipating a conventional strike, but the Government of Teheran is showing awareness of risks related to a cyber attack and it has started a massive propaganda campaign to show to the western world its cyber capabilities...

Successful exploitation of this vulnerability could allow escalation of privileges to full administrative access. The privilege escalation could provide the attacker a vector for making changes to settings, or initiating a complete device shutdown causing a denial of service...

Siemens has reported DoS vulnerabilities in the SIMATIC S7-400 V6 and SIMATIC S7-400 V5 PN CPU products. When specially crafted packets are received on Ethernet interfaces by the SIMATIC S7-400, the device can default into defect mode. A PLC in defect mode needs to be manually reset to return to normal operation...

What is neutral behavior in the context of cyber warfare? Are you, as a neutral country obliged to drop all traffic between these two waring nations that crosses your networks? And if you’re not, are you obliged to make sure none of the cyber attacks are originating from compromised systems within your borders?

“Q2 data showed a return to traditional infrastructure attacks and is likely a reflection of changing tools for launching DDoS attacks. With Layer 7 attacks, the risk of detection and eventual take down by law enforcement increases because these attacks disclose the IP address of the attacking botnet..."

Researchers have identified multiple vulnerabilities in WellinTech’s KingView and a single vulnerability in WellinTech’s KingHistorian application which are exploitable remotely and could lead to arbitrary code execution, information disclosure, and denial of service...

Being the victim of an attack is not fun and it is easy to understand why businesses would like to take a more active stance against the attackers. Unfortunately, businesses that go down this path are likely to run into technical and legal problems. Let’s examine some of the possible outcomes...

The reported vulnerabilities from DSecRG have been coordinated with WAGO. WAGO has determined that the vulnerabilities can be mitigated by adjusting system configurations of services not in use. WAGO has released a customer cybersecurity notification on best security practices its products...

ICS-CERT is aware of a public report of a buffer overflow vulnerability with proof-of-concept exploit code affecting Sielco Sistemi Winlog. The vulnerability is exploitable by sending specially crafted requests to TCP/46824 which could result in a denial of service and remote code execution...

The indictment alleges that Ryan Cleary controlled a large botnet of potentially hundreds of thousands of units to conduct DDoS attacks and would rent out his botnet for certain time periods in exchange for money from individuals interested in conducting DDoS attacks targeting specific victims...